From a20025f9ce967ae845e3c675d764d4d1ce4f4f2c Mon Sep 17 00:00:00 2001
From: Tim Pierce <twp@curoverse.com>
Date: Thu, 3 Apr 2014 14:22:10 -0400
Subject: [PATCH] Use quotemeta to protect shell escapes (refs #2221, #2325)

---
 sdk/cli/bin/crunch-job | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sdk/cli/bin/crunch-job b/sdk/cli/bin/crunch-job
index 40b0033757..e81628cc2b 100755
--- a/sdk/cli/bin/crunch-job
+++ b/sdk/cli/bin/crunch-job
@@ -758,7 +758,7 @@ if ($job_has_uuid) {
 if ($Job->{'output'})
 {
   eval {
-    my $manifest_text = `arv keep get $Job->{'output'}`;
+    my $manifest_text = `arv keep get \Q$Job->{'output'}\E`;
     $arv->{'collections'}->{'create'}->execute('collection' => {
       'uuid' => $Job->{'output'},
       'manifest_text' => $manifest_text,
@@ -1223,7 +1223,8 @@ sub save_meta
   return if $justcheckpoint;  # checkpointing is not relevant post-Warehouse.pm
 
   $local_logfile->flush;
-  my $cmd = "arv keep put --filename $keep_logfile ". $local_logfile->filename;
+  my $cmd = "arv keep put --filename \Q$keep_logfile\E "
+      . quotemeta($local_logfile->filename);
   my $loglocator = `$cmd`;
   die "system $cmd failed: $?" if $?;
 
-- 
2.30.2